Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: openscap-docker | Distribution: openSUSE:Factory:zSystems |
Version: 1.3.9 | Vendor: openSUSE |
Release: 1.1 | Build date: Sun Sep 24 14:45:18 2023 |
Group: System/Libraries | Build host: s390zl22 |
Size: 22885 | Source RPM: openscap-1.3.9-1.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://www.open-scap.org/ | |
Summary: Docker plugin for OpenSCAP |
This package contains the Docker support for OpenSCAP.
LGPL-2.1-or-later
* Thu Sep 21 2023 Andreas Stieger <andreas.stieger@gmx.de> - update to 1.3.9: * use PCRE2 library * Fix offline mode (OVAL/sysctl) * Fix leak of dpkg cache when dpkginfo_init is called multiple times * Fix un-expanded variable in xccdf report output * Fix issues when parsing profiles * Fix minor problems and resource leaks * Wed Jun 21 2023 Robert Frohl <rfrohl@suse.com> - openscap 1.3.8 * New features - The boot-time remediation service for systemd's Offline Update mode is now disabled by default - Add offline capabilities to the shadow OVAL probe - Add offline capabilities to the sysctl OVAL probe - Add 'auristorfs' to list of network fileystems - Add new experimental linux-bound fwupdsecattr probe for system firmware security attributes (fwupd-based) * Maintenance, bug fix - Use ListUnitFiles D-Bus method to fetch all units in systemd OVAL probe - Fix minor resource leaks * Wed Mar 29 2023 Marcus Meissner <meissner@suse.com> - remove _service confusion, we use final tarballs. * Tue Mar 28 2023 kkaempf@suse.com - Update to version 1.3.7: * openscap-1.3.7 * Bump soname from 25.5.0 to 25.5.1 * Bump version to openscap-1.3.7 * Fix typos in docs * Remove a check for suspicious files * Add debian_evr_string tests to CMakeLists * Add a few unittests for debian_evr_string * Remove To be done * Move release guide to upstream - add 0005-rename-requires-reqs-for-C-20-compatibility.patch - rename patches openscap-opensuse-cpe.patch to 0001-Add-openSUSE-cpe-links.patch openscap-suse-cpe.patch to 0002-Add-SUSE-cpe-links.patch openscap-docker-add-suse.patch to 0003-Use-openSUSE-SUSE-cpe-links.patch oscap-remediate.service.in.patch to 0004-oscap-remediate-is-located-in-bindir.patch - drop 0001-Use-correct-includes.patch (upstream) * Mon Jan 23 2023 Thorsten Kukuk <kukuk@suse.com> - Require systemd for building, was pulled in before by indirect dependencies which don't exist anymore * Thu Jan 19 2023 Marcus Meissner <meissner@suse.com> - 0001-Use-correct-includes.patch: fixed build with rpm 4.18 * Wed Sep 21 2022 Dirk Müller <dmueller@suse.com> - require shared library in the same version or newer * Thu Sep 15 2022 Marcus Meissner <meissner@suse.com> - added Leap 15.4 and 15.5 dictionary entries. (bsc#1203408) * Sat Feb 19 2022 Bjørn Lie <bjorn.lie@gmail.com> - Conditionally drop optional gconf2-devel BuildRequires for openSUSE Tumbleweed and newer: gconf2 is being droppped from openSUSE Tumbleweed, build without gconf2 support. * Thu Jan 20 2022 Robert Frohl <rfrohl@suse.com> - openscap 1.3.6 * New features - Select and exclude groups of rules on the command line - The boot-time remediation service for systemd's Offline Update mode - Memory limit control using OSCAP_PROBE_MEMORY_USAGE_RATIO environment variable - Allow disablement of SHA-1 and MD5 - Allow providing pre-downloaded components - Introduce OSBuild Blueprint fix type * Maintenance, bug fix - Fix coverity issues - Patch the `segfault` in dpkginfo_fini() - Add an alternative source of hostname - Fail download on HTTP errors - Compile "environmentvariable_probe" on Windows - FreeBSD build and test fixes - Add offline mode for password probe - Initialize crypto API only once - Fix UBI 9 scan - oval/yamlfilecontent: Add 'null' values handling - Do not set Rpath - Do not split `XCCDF:requires` with multiple `idrefs` - Allow empty /proc in offline mode - oscap-remediate is shipped via /usr/bin Added oscap-remediate.service.in.patch - spec-cleaner run * Tue Dec 07 2021 Marcus Meissner <meissner@suse.com> - openscap-docker-add-suse.patch: add SLES support oscap-docker (bsc#1179314) * Mon Oct 04 2021 Marcus Meissner <meissner@suse.com> - ship python3 docker module always * Thu Aug 19 2021 Steve Kowalik <steven.kowalik@suse.com> - Since upstream has moved to Python 3, switch the BuildRequires from python-devel to python3-devel. * Wed Jul 14 2021 Robert Frohl <rfrohl@suse.com> - Add definition for tumbleweed to openscap-opensuse-cpe.patch (boo#1186735) * Wed Jun 02 2021 Robert Frohl <rfrohl@suse.com> - add old patches - slightly renamed; cpe are needed (boo#1186735) * openscap-opensuse-cpe.patch * openscap-suse-cpe.patch * Fri Apr 23 2021 Robert Frohl <rfrohl@suse.com> - openscap 1.3.5 * New features - Made schematron-based validation enabled by default for validate command of oval and xccdf modules - Added SCAP 1.3 source data stream Schematron - Added XML Signature Validation - Added --enforce-signature option for eval, guide, and fix modules - Added <content> entity support (OVAL/yamlfilecontent) - Allowed to clamp mtime to SOURCE_DATE_EPOCH - Added severity and role attributes - Added support for requires/conflicts elements of the Rule and Group (XCCDF) - Added Kubernetes remediation to HTML report * Maintenance, bug fix - Fixed CMake warnings - Made 'gpfs', 'proc' and 'sysfs' filesystems non-local - Fixed handling of '--arg=val'-styled common options - Documented used environment variables - Updated man page and help texts - Added --skip-validation option synonym for --skip-valid - Fixed behavior of StateType operator - Fixed some of the coverity warnings - Ignoring namespace in XPath expressions - Fixed how oval_probe_ext_eval checks absence of the response from the probe (obtrusive data warning) - Described SWID tags detection - Improved documentation about --stig-viewer option - File probe behaviour fixed (symlink traversal now behaves as defined by OVAL) - Fixed multiple segfaults and broken test in --stig-viewer feature - Added dpkg version comparison algorithm - Pluged some memory leaks - Fixed TestResult/benchmark/@href attribute - Fixed memory allocation - Fixed field names for cases where key selection section is followed by a set section (probes/yamfilecontent) - Changing hard coded libperl path in favor of FindPerlLibs method - Check local filesystems when using 'filepath' element - dropped, because not needed anymore: * 0001-Fix-memory-allocation.patch * openscap-new-suse.patch * openscap-leap-cpe-15.12.patch * Sat Nov 14 2020 Marcus Meissner <meissner@suse.com> - 0001-Fix-memory-allocation.patch: fixed a crash during oscap oval eval * Mon Nov 09 2020 Marcus Meissner <meissner@suse.com> - openscap-leap-cpe-15.12.patch: add CPE dict entries for openSUSE Leap 15.1 and 15.2 * Sat Oct 31 2020 Marcus Meissner <meissner@suse.com> - add dbus-1-devel buildrequires to enable systemd tests (bsc#1178301) * Fri Oct 02 2020 Robert Frohl <rfrohl@suse.com> - openscap 1.3.4 * New features - Add support for FreeBSD - Make use of HTTP header content-encoding: gzip if available - Improved yamlfilecontent: updated yaml-filter, extend the schema and probe to be able to work with a set of values in maps * Maintenance, bug fixes - A lot of memory leaks have been plugged - Refactored rpmverifyfile probe and fixed memory leak - Fixed SEGFAULT caused by recursive and circular dependencies between OVAL definitions - Fixed DOM representation of the profile platform - Test suit: better portability, more granularity in results, inclusion of memory-related tests - Compatibility with uClibc - Local and remote file system detection method was improved - Make the report a valid HTML5 document * Mon May 04 2020 Marcus Meissner <meissner@suse.com> - openscap 1.3.3. Notable improvements in this release: - a Python script that can be used for CLI tailoring (autotailor) (thank you, Matěj Týč); - timezone for XCCDF TestResult start and end time (thank you, Jan Černý); - new yamlfilecontent independent probe (draft implementation), see the proposal https://github.com/OVAL-Community/OVAL/issues/91 for additional information. There are other changes as well, here is the list: - Introduced `urn:xccdf:fix:script:kubernetes` fix type in XCCDF; - Added ability to generate `machineconfig` fix; - Detect ambiguous scan target (utils/oscap-podman); - Fixed #170: The rpmverifyfile probe can't verify files from '/bin' directory; - The data system_info probe return for offline and online modes is consistent and actual; - Prevent crashes when complicated regexes are executed in textfilecontent58 probe; - Fixed #1512: Severity refinement lost in generated guide; - Fixed #1453: Pointer lost in Swig API; - Evaluation Characteristics of the XCCDF report are now consistent with OVAL entities; from system_info probe; - Fixed filepath pattern matching in offline mode in textfilecontent58 probe; - Fixed infinite recursion in systemdunitdependency probe; - Fixed the case when CMake couldn't find libacl or xattr.h. - dropped 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch: upstream * Wed Mar 25 2020 Christophe Giboudeaux <christophe@krop.fr> - Add upstream patch to fix the scap-workbench build: * 0001-Do-not-use-C-keyword-operator-as-a-function-paramete.patch * Tue Jan 14 2020 Marcus Meissner <meissner@suse.com> - switch back to official release - openscap 1.3.2 - the test suite and build scripts were improved to support Debian 10 - offline mode has received some love with a set of dedicated tests and various fixes in OVAL probes; - the oscap-docker wrapper is no longer dependent on Atomic - Python binding are now more robust - HTML reports and guides, generated by the scanner, are now more accessible for non-visual rendering agents - Support of multi-check rules has been improved across the whole workflow There are other changes as well, here is the list: * New features - Offline mode support for environmentvariable58 probe - The oscap-docker wrapper is available without Atomic + Maintenance, bug fixes - Improved support of multi-check rules (report, remediations, console output) - Improved HTML report look and feel, including printed version - Less clutter in verbose mode output; some warnings and errors demoted to verbose mode levels - Probe rpmverifyfile uses and returns canonical paths - Improved a11y of HTML reports and guides - Fixes and improvements for SWIG Python bindings - #1403 fixed: Scanner would not apply remediation for multicheck rules (verbosity) - Fixed URL link mechanism for Red Hat Errata - New STIG Viewer URI: public.cyber.mil - Probe selinuxsecuritycontext would not check if SELinux is enabled - Scanner would provide information about unsupported OVAL objects - Added more tests for offline mode (probes, remediation) - #528 fixed: Eval SCE script when /tmp is in mode noexec - #1173, RHBZ#1603347 fixed: Double chdir/chroot in probe rpmverifypackage * Sat Jan 11 2020 Marcus Meissner <meissner@suse.com> - temporary openscap 1.3.1 git snapshot - make it build with new RPM (bsc#1160720) * Sat Jan 11 2020 Marcus Meissner <meissner@suse.com> - use distribution-release instead of dummy-release
/usr/bin/oscap-docker /usr/lib/python3.11/site-packages/oscap_docker_python /usr/lib/python3.11/site-packages/oscap_docker_python/__init__.py /usr/lib/python3.11/site-packages/oscap_docker_python/get_cve_input.py /usr/lib/python3.11/site-packages/oscap_docker_python/oscap_docker_common.py /usr/lib/python3.11/site-packages/oscap_docker_python/oscap_docker_util.py
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Mar 9 12:50:11 2024